package com.moyu.crowdsource.websetting.authentication;

import com.fasterxml.jackson.databind.ObjectMapper;

import com.moyu.crowdsource.util.Msg;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
import org.springframework.security.oauth2.provider.*;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Base64;

@Component("moyuAuthenticationSuccessHandler")
public class MoyuAuthenticationSuccessHandler implements AuthenticationSuccessHandler {

  Logger logger = LoggerFactory.getLogger(getClass());

  @Autowired private ObjectMapper objectMapper;

  //@Autowired private ClientDetailsService clientDetailsService;

  //@Autowired AuthorizationServerTokenServices authorizationServerTokenServices;

  @Override
  public void onAuthenticationSuccess(
      HttpServletRequest request, HttpServletResponse response, Authentication authentication)
      throws IOException, ServletException {
    logger.info("登录成功");

    /*String header = request.getHeader("Authorization");
    if (header != null && header.startsWith("Basic ")) {
      throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }

    String[] tokens = this.extractAndDecodeHeader(header, request);

    assert tokens.length == 2;

    String clientId = tokens[0];

    String clientSecret = tokens[1];

    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);

    if (clientDetails == null) {
      throw new UnapprovedClientAuthenticationException("clientId对应的配置信息不存在:" + clientId);
    } else if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) {
      throw new UnapprovedClientAuthenticationException("clientSecret不匹配:" + clientId);
    }

    TokenRequest tokenRequest =
        new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(), "custom");

    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);

    OAuth2Authentication oAuth2Authentication =
        new OAuth2Authentication(oAuth2Request, authentication);

    OAuth2AccessToken token =
        authorizationServerTokenServices.createAccessToken(oAuth2Authentication);

    response.setContentType("application/json;charset=UTF-8");
    response
        .getWriter()
        .write(
            objectMapper.writeValueAsString(
                token));*/
    response.setContentType("application/json;charset=UTF-8");
    response
        .getWriter()
        .write(
            objectMapper.writeValueAsString(
                Msg.success().add("info", authentication.getPrincipal())));
  }

  private String[] extractAndDecodeHeader(String header, HttpServletRequest request)
      throws IOException {
    byte[] base64Token = header.substring(6).getBytes("UTF-8");

    byte[] decoded;
    try {
      decoded = Base64.getDecoder().decode(base64Token);
    } catch (IllegalArgumentException var7) {
      throw new BadCredentialsException("Failed to decode basic authentication token");
    }

    String token = new String(decoded, "UTF-8");
    int delim = token.indexOf(":");
    if (delim == -1) {
      throw new BadCredentialsException("Invalid basic authentication token");
    } else {
      return new String[] {token.substring(0, delim), token.substring(delim + 1)};
    }
  }
}
